VDB
CVE-2017-1000499
CVE-2017-1000499
PUBLISHED
Reported by mitre · Published January 3, 2018
phpMyAdmin versions 4.7.x (prior to 4.7.6.1/4.7.7) are vulnerable to a CSRF weakness. By deceiving a user to click on a crafted URL, it is possible to perform harmful database operations such as deleting records, dropping/truncating tables etc.
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| n/a | n/a | n/a |
| n/a | n/a | n/a, n/a |
Exploit Intelligence
- Villaquiranm/5MMISSI-CVE-2017-1000499 (github-poc-repo)
- Villaquiranm/5MMISSI-CVE-2017-1000499 (github-poc-repo)
- Villaquiranm/5MMISSI-CVE-2017-1000499 (github-poc-repo)
- Villaquiranm/5MMISSI-CVE-2017-1000499 (github-poc-repo)
- Villaquiranm/5MMISSI-CVE-2017-1000499 (github-poc-repo)
- Villaquiranm/5MMISSI-CVE-2017-1000499 (github-poc-repo)
- https://www.exploit-db.com/exploits/45284/ (nist-nvd)
- http://cyberworldmirror.com/vulnerability-phpmyadmin-lets-attacker-perform-drop-table-single-click/ (nist-nvd)
- Villaquiranm/5MMISSI-CVE-2017-1000499 (github-poc)
- Villaquiranm/5MMISSI-CVE-2017-1000499 (github-poc)
…and 4 more exploits
Timeline
- Jan 3, 2018 CVE Published
- Aug 29, 2018 PoC Published
- Apr 30, 2019 CVE Updated
- Apr 14, 2021 EPSS Score
- Mar 7, 2023 EPSS Score
- Mar 28, 2023 EPSS Score
- May 27, 2023 EPSS Score
- Jul 6, 2023 EPSS Score
- Aug 13, 2024 EPSS Score
- Mar 17, 2025 EPSS Score
- Mar 19, 2025 EPSS Score
- Mar 27, 2025 EPSS Score